systrace has been discontinued since 2009 and Linux support is incomplete.
sydbox compiled on my puppy linux, but has no option for COW.
cowdancer and clones requires you to hardlink all the files to protect, which is a bit time-consuming if you wish to protect all the rootfs!
The other options i've found requires either: chroot (xchroot, glimpse), a specific kernel module (AppArmor), a daemon running in privileged mode (sandfox), or just root priviledges to mount.
Now i'm investigating
UMView...